Docket No. 50277-1774 

REMARKS/ARGUMENTS 

No claims have been added, cancelled, or amended. Hence, Claims 1-40 are pending in 
the application. 

SUMMARY OF THE REJECTIONS 

Claims 1 - 5 and 21 - 25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
U.S. Patent Application Publication No. US 2002/0143735 (herein "Ayi") in view of U.S. 
Patent No. 5,787,428 (herein "Hart"). 

Claims 6-20 and 26 - 40 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent No. 5,859,966 (herein "Hayman") in view of Ayi. 

TELEPHONE INTERVIEW 
The Examiner is thanked for the telephone interview conducted on September 8, 2006. 
The Applicants and Examiner agree that the evidence submitted via the Declaration under 37 
CFR § 1.131 is not intended to establish diligence. Indeed, statement 2 of the Declaration 
states: "We make this declaration for the purpose of establishing a reduction to practice of 
the inventions disclosed and claimed in the Application at a date prior to March 30, 2001, the 
effective filing date of U.S. Patent Application Publication No. US 2002/0143735, herein Ayi" 
(emphasis added). Establishing a reduction to practice does not require a showing of diligence 
(see MPEP§715.07(III)(A)). 

A. AN EXHIBIT NEED NOT SUPPORT ALL CLAIMED LIMITATIONS 

In the interview, the applicants also highlighted MPEP § 715.07 which states, "An 
accompanying exhibit need not support all claimed limitations, provided any missing 

OID-200 1-090-01 2 



Docket No. 50277-1774 

limitation is supported by the declaration itself (emphasis added). Therefore, the allegation on 
page 3 of the previous Office Action that the applicants must specifically point out or map 
particular portions of the exhibit with specific claim limitations is not supported by the MPEP. 

It should be appreciated by the Examiner that test script log files will not generate claim 
language word-for-word. In many cases, claims are written many months after the invention 
has been reduced to practice and therefore finding exact claim language in test script log files 
is practically impossible. 

With that said, significant features of Claim 1 can be correlated with specific sections of 
the test script log file of, and annotations to, Exhibit D. For example, in the SQL statement 
"DELETE FROM abc;" on page 9 of Exhibit D corresponds to "receiving a request for 
performing an operation set of one or more operations on data in a table." Page 2 of Exhibit D 
shows that a table entitled 6 abc' was created. Page 8 of Exhibit D illustrates that two policies 
(entitled "complex" and "simple") are applied to table 'abc'. Obviously, test script files and test 
script log files do not show the actual code that performs recited steps. Therefore, for example, 
it is difficult to show the step of "determining which policies. . and the step of "determining 
whether to perform the operation." Despite this difficulty, it is determined that the delete 
operation is not performed. 

As MPEP § 715.07 indicates, any missing limitations may be supported by the 
Declaration. All the statements of the Declaration taken together prove that the Applicants 
implemented Claims 1-5 and 21-25 before the effective filing date of Ayi. No where in the 
MPEP or CFR does it state that Declarations under CFR 1.131 are required to state word-for- 
word each claim limitation. To require such is mere form over substance since Applicants may 
simply recite each claim limitation and state that such claim limitation was implemented before 
a certain date. 
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Based on the foregoing, it is respectfully submitted that the Exhibits and the 
Declaration, taken together, support all the claimed limitations. 

B. THE EXAMINER INCORRECTLY ASSERTED THAT APPLICANTS DID NOT 
POSSESS THE INVENTION BEFORE THE EFFECTIVE FILING DATE OF AYI 
In the telephone interview, the Examiner asserted that error indications in the test script 

log files of Exhibits B and D is evidence that the Applicants did not possess the invention 

before the date in question. This is incorrect. 

First, the annotated portion of Exhibit D makes it clear that an operation (i.e., a delete 

operation in this example) on data in a table (i.e., table 'abc' in this example) is not performed. 

Claim 1 states "determining whether to perform the operation on a row of the table". The text 

script file of Exhibit C uses the error indication to illustrate that a certain operation is not 

performed. The error indication is not proof, in any way, that the Applicants did not possess the 

invention before the date in question. 

Second, the Examiner is not allowed to ignore evidence that the Applicants did 

possess the invention before the date in question. Statement 4 of the declaration states: 

We participated on a team that developed the implementation of claims 1 - 5 and 21 - 
25 that is incorporated into an Oracle™ database server product. After the design phase 
of the development, successful tests were run to show that the implementation 
worked according to claims 1-5 and 21 - 25. These tests, which were conducted 
using standard internal test processes and procedures, were completed before the 
effective filing date of Ayi and were carried out in this country, (emphasis added) 

Therefore, it is quite clear, based on this evidence, that the Applicants had reduced to practice 

an implementation of Claims 1-5 and 21-25 before the effective filing date of Ayi (see also 

statement 3 of the Declaration). 
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Lastly, it is respectfully submitted that the Examiner is not "competent", in the legal 
sense of the word, to determine that the test script files and the test script log files themselves 
prove that the invention was not reduced to practice. In a court of law, opinion testimony from 
non-experts may be admissible as long as the testimony is not based on scientific, technical, or 
other specialized knowledge (see Rule 701 of the Federal Rules of Evidence). In this case, 
knowledge of internal test processes and procedures is clearly technical and specialized. 
However, Rule 702 of the Federal Rules of Evidence states that opinion testimony of technical 
or other specialized knowledge must be based upon sufficient facts or data. Clearly, only the 
Applicants are aware of all the internal test processes and procedures that are used to test the 
invention. The Examiner has no knowledge of what code is used by the Applicants to test 
programs, nor is the Examiner familiar with all types of output messages that the test code 
generates based on the various input. Therefore, the Examiner's statement that output of the 
test scripts indicates that the Applicants did not possess the invention is based on insufficient 
facts or data. The Examiner is not in a position to make judgments pertaining to the efficacy of 
such internal test processes and procedures, especially when the test script files and test script 
log files provide a significant amount of detail, as in this case. 

It is respectfully submitted that the evidence offered in the Declaration and the Exhibits 
present both facts and data with clear explanations to show the completion of an 
implementation of Claims 1-5 and 21-25 before the effective filing date of Ayi. Removal of 
the rejection with respect to Claims 1-5 and 21-25 is respectfully requested. 

CLAIMS 6 AND 26 

Claims 6 and 26 recite: 

registering, with a database management system, one or more packages of routines, 
wherein each package of said one or more packages implements a security 
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model that supports a model set of one or more policies of the database policy 

set and said each package includes an access mediation routine; 
associating a first policy of a first model set in a first package with a first table 

within the database system; and 
invoking the access mediation routine in the first package for determining whether to 

allow operation on data in the first table based on the first policy, (emphasis 

added) 

Claims 6 and 26 require "registering, with a database management system . . . one or 
more packages of routines, wherein each package . . . implements a security model . . . and said 
each package includes an access mediation routine," and "invoking the access mediation 
routine [to determine] ... whether to allow operation on data in the first table." This feature is 
not disclosed or suggested by Hayman. 

First, the Office Action alleges that the "applicant admits that registering one or more 

packages of routines are well known in the art" on page 17 of the Specification. This is plainly 

incorrect. The italicized sentence below is taken completely out of context. The applicable 

language from the Specification states: 

In step 212 a first security model package is registered with the security manager 132 of 
the database server 130. In some embodiments, the database security administrator 
designs and develops the security model package. In some embodiments the security 
model package is provided by the developer of the security manager 132, or is provided 
by a third party vendor, so that a database administrator does not have to develop her 
own package. For example, a security model package 1 10 that supports a 
compartmented security model is provided by the developer of the security manager, 
and the database security administrator registers the package 110 with the database 
server 130. Any manner known in the art for registering the package at the time the 
package is registered can be used. For example, the database security administrator 
types in a name of the file containing the package in a dialog box of a graphical 
user interface for the security manager 132 of the database server 130 (page 17, 
paragraph 57) (emphasis added). 

Clearly, what is meant by "any manner known in the art for registering the package at the time 

the package is registered can be used" is that the manner in which a package is identified for 

being registered is not important (e.g., dialog box of a GUI or DOS command). However, 

nothing in the Specification implies or suggests that previous database systems actually register 
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one or more packages of routines as claimed (i.e., wherein each package implements a security 
model and includes an access mediation routine). 

The Office Action also asserts that "Hayman teaches incorporate [ing] and installing] 
security software which inherently includes registering one or more packages of routines." The 
paragraphs cited by the Office Action in support of this assertion state that a "Session Monitor 
has been designed to be extensible, in the sense that the owner of the security system can 
incorporate their own software to change access mode of a user or administrator" (col. 8, line 
66 - col. 9, line 2). Thus, the Office Action equates the Session Monitor with a package of 
routines. 

The Session Monitor, however, "controls the manner in which a user or administrator 
initially gains access to the system, and the manner in which a user or administrator changes 
from their current mode of access to a different mode (for example, from user to 
administrator)" (col. 8, lines 55-60), whereas Claim 6 requires that a policy from a package of 
routines is associated with a table within the database system. There is no teaching or 
suggestion in Hayman that the Session Monitor, or any component thereof, is associated 
with a table within a database system. 

The Office Action also cites paragraphs in Hayman that describe a Reference Monitor 
for teaching the first step of Claim 6. "The Reference Monitor is the entity that mediates all 
requests for access to an object by a subject, and thus controls whether, and to what extent, the 
subject is granted access to the object" (col. 9, lines 56-59). However, the reference does not 
disclose that this may be registered so that it can be customized and implemented by the user. 
Indeed, it was described in a version of Data General's security system as being "tightly 
integrated with Data General's operating system" (col. 1, lines 26-28). This indicates that 
customization is not readily possible and that the Reference Monitor is actually an embedded 
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native software component of the security system, not a separate module that needs to be 
registered. Again, this is all in contradiction to the elements of Claims 6 and 26. 

The Office Action also alleges that Hayman col. 5, lines 18-60 teaches "associating a 
first policy of a first model set in a first package with" an object. To be clear, instead of an 
object, Claim 6 states that the first policy is associated with "a first table within the database 
system". The Office Action equates the "labels" described in the above cited portion of 
Hayman with the "first policy" of Claim 6. However, the "first policy" of Claim 6 is a policy of 
a model set in a package that is registered with a database management system. No where 
does Hayman teach or suggest in the above cited portion that a "label" is registered with a 
database management system. 

Because Hayman fails to teach or suggest that a "first policy" is part of a package that is 
associated with an object, much less a table, Hayman also fails to teach or suggest "invoking the 
access mediation routine in the first package for determining whether to allow operation on 
data... based on the first policy". 

Remember, regardless of the above cited deficiency in the Office Action, the first 
requirement of Claims 6 and 26 is "registering, with a database management system, one or 
more packages of routines. . . ." These packages of routines are separate from the label-based 
security policies which govern whether operations can be performed on particular data. This is 
significant because it allows the routines to be administered and customized separate from the 
label-based security policies. The Hayman reference does not discuss or teach that routines are 
registered with the database management system. Hayman does describe security labels in the 
form of a capability set that are assigned or placed on an object by the owner of the object. 
However, these labels cannot in any way be equated to the routines used to support the label- 
based security policies. 
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In sum, Hayman only discusses the use of security-based labels and not registered 
routines that may be, for example, customized to affect how those labels are used to determine 
proper access. The Hayman implementation uses non-registerable and native components of an 
application to implement the policies. 

Thus, because Hayman, alone or in combination with Ayi, does not teach, suggest, or 
render obvious Claims 6 and 26, it is respectfully submitted that Claims 6 and 26 are patentable 
over the combination of Hayman and Ayi. Reconsideration and allowance of claims 6 and 26 
are respectfully requested. 

DEPENDENT CLAIMS 
The pending claims not discussed so far are dependent claims that depend on an 
independent claim that is discussed above. Because each of the dependent claims includes the 
limitations of claims upon which they depend, the dependent claims are patentable for at least 
those reasons the claims upon which the dependent claims depend are patentable. Removal of 
the rejections with respect to the dependent claims and allowance of the dependent claims is 
respectfully requested. In addition, the dependent claims introduce additional limitations that 
independently render them patentable. Due to the fundamental difference already identified, a 
separate discussion of those limitations is not included at this time. 
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CONCLUSION 

For the reasons set forth above, it is respectfully submitted that all of the pending claims 
are now in condition for allowance. Therefore, the issuance of a formal Notice of Allowance is 
believed next in order, and that action is most earnestly solicited. 

The Examiner is respectfully requested to contact the undersigned by telephone if it is 
believed that such contact would further the examination of the present application. 

Please charge any shortages or credit any overages to Deposit Account No. 50-1302. 



2055 Gateway Place, Suite 550 

San Jose, CA95110 

(408)414-1080 

Date: September 12, 2006 

Facsimile: (408)414-1076 



Respectfully submitted, 



HICKMAN PALERMO TRUONG & BECKER LLP 




"Daniel D. Ledesma 
Reg. No. 57,181 




on September 12, 2006 



by 
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